Stories
Slash Boxes
Comments

SoylentNews is people

posted by Fnord666 on Saturday July 25 2020, @09:55PM   Printer-friendly
from the keep-up-with-your-patches dept.

Hackers actively exploit high-severity networking vulnerabilities:

Hackers are actively exploiting two unrelated high-severity vulnerabilities that allow unauthenticated access or even a complete takeover of networks run by Fortune 500 companies and government organizations.

The most serious exploits are targeting a critical vulnerability in F5's Big-IP advanced delivery controler, a device that's typically placed between a perimeter firewall and a Web application to handle load balancing and other tasks. The vulnerability, which F5 patched three weeks ago, allows unauthenticated attackers to remotely run commands or code of their choice. Attackers can then use their control of the device to hijack the internal network it's connected to.

[...] Attackers are exploiting a second vulnerability found in two network products sold by Cisco. Tracked as CVE-2020-3452, the path traversal flaw resides in the company's Adaptive Security Appliance and Firepower Threat Defense systems. It allows unauthenticated people to remotely view sensitive files that among other things can disclose WebVPN configurations, bookmarks, web cookies, partial web content, and HTTP URLs. Cisco issued a patch on Wednesday. A day later, it updated its advisory.

[...] The impact of these vulnerabilities—particularly the one affecting F5 customers—is serious. These in-the-wild attacks provide ample reason to occupy the weekend of any IT administrators who have yet to patch their vulnerable systems.


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 0) by Anonymous Coward on Sunday July 26 2020, @04:14AM (1 child)

    by Anonymous Coward on Sunday July 26 2020, @04:14AM (#1026449)

    Fucking liar. This isn't a Tech forum and you know it. This isn't a working folk forum and you know it. Soylent is Political News for Boomers on Pensions.

  • (Score: 2, Insightful) by anubi on Sunday July 26 2020, @09:28AM

    by anubi (2828) on Sunday July 26 2020, @09:28AM (#1026504) Journal

    Well, I do have to admit a lot of us are exactly what you said about boomers on pensions. A lot of us worked in tech all our lives, and find this kind of stuff interesting.

    Sometimes we need a sanity check and run something up the pole to see what the consensus here is. Or sometimes we need advice.

    By and large, the folks here have collectively seen a lot of stuff, and share just for asking.

    Many are old, and consider yourself lucky, as I do, that we made it this far.

    This psychopolitical upheaval going on these days has everyone on edge, and I even come to conclusions that the political elite are deliberately trying to get all of us fighting amongst ourselves so we will be too depleted to go after the ones instigating all this crap. All this pay inequality and dependence on luck or knowing the right people for economic survival is bound to result in unrest. For everybody, and especially those who drew the wrong card.

    There are plenty of resources, and plenty of tech to do the drudge work, yet we still have people on the street, while governments tax the hell out of people who create jobs, then reward those who hoard rights and resources for rent. Completely unproductive hoarding. Property. Patents. Copyrights. Licenses. Can't do this, Can't do that. Only someone else has the right to do something. Enough to piss anyone off.

    I can see you are pissed at this whole mess too.

    Welcome to the club.

    I'm a child of the 60's. We were gonna change the world. I got into engineering. I wanted to make stuff right. We tried. And we still have one helluva mess on our hands.

    A lot of us won't be around much longer, it would be nice to know what we tried to do did at least some good.

    --
    "Prove all things; hold fast that which is good." [KJV: I Thessalonians 5:21]